Uploads Contact
/
Login Upload
Securing CBC mode Against Padding Oracle Attacks Securing CBC mode Against Padding Oracle Attacks

Securing CBC mode Against Padding Oracle Attacks - PDF document

pamella-moone
pamella-moone . @pamella-moone
Follow
388 views
Uploaded On 2016-07-05
About Share Download

Share:

Link:

Embed:

Download Presentation from below link

Download Pdf The PPT/PDF document "Securing CBC mode Against Padding Oracle..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentation Transcript

Securing CBC mode Against Padding Oracle Attacks  \n  \r  \r\n \r     \r  !" Outline  #! $%# &'!()   &*$\n  + &*$\n,\n -  "  $% !)    $ \r  $ \r. \n  /&$&$ )  *0#+   \r"& Cipher-Block-Chaining (CBC) $\r  1  \n +$\r  1    \n #2 3 #2  3  #2 +3 #2  +3  Padding 4$\n&  )\n\n&\n    \n)    $%\n5  6\r  $ $% !) \n&7&*$8 Padding Oracle &*$ 6\r4  , Do padding oracles exist in real life? 9\n \r :  $) &*$\n& )   \n$  $%\n; Side Channel Attacks "  \r\n;$ $  &  )\n ))  $  $\r  ) \n  ,)\n1") )\n\n&\n $ \n; Padding Oracles in Practice"  +$\r  /=)\n\n&\n\n  $;  / . " \n"\n   $ \n\n$ \n. $  \n, $\r  \r; Padding Oracles in Practice4$   \n\n  & \r $ $%    $$\n  " )\n\n&\n\n\n$   $  \n  &\n  Padding Oracles in Practice�"  .\n\n&\n. $\r    \n)\r\n  ). &   )\n\n&\n$\r      $$\n \n\n\n \n   Padding Oracles in Practice�"  7\n\n 4 $  �" 8\r &6\r6& ,\r ?@@A  " & $\n&\r  #\n)       $  , ;  \r#$\r & $   \n )   $  , ;  $ $\n\n \n\n\n     \n\n\n)  $ \n\n\n $\n\n ) ,  $% $ \n\r\n \n);&;\n\n  Padding Oracle Attack #2  +3    \n B   ! \n  & $%  \n  !"" &*$   & $ \n Example: CBC-PAD !#+  !\r #   &\n$ )  4 # \r \nC  \n  $%  # \r \n  #$  #\r \n # # # # %%%%%%$ Example: CBC-PAD   & $ \n   ,   \n 2  ??  AAA  $;  " \n $$   \n1 2�?  2�?2E2�??F ;  " & 2 \n) \n %\r  $$;  \n \n  \n \r    , ;    $ &\n$\n  & $$  ,  \r   ); Solving the Problem &'\r\r(&\n$ )-      \n\n$ )\n\n$-  4\n \n     $ $\r  - Provable Security 4  $\r \n\n.$7 \n $$\r  8;  /\n  )\r$ *G$ 1  \n$ \r  $  \n) \r     \n$ \r  ) &\n;     *  $     * \r&) ; Provable Security,)1  \n\n)  $  $ \n\n  $  ;  $  \n\n$ \r\r&&$    #\r\n\n  ;    %  $ )\n    ; Practice Orientated Provable Security 4  $\r! &\r  4 &  $%$ \n  \n$ \r   $ \n$ \r# )  $  C     \n$ \r Security Models 4\n &\n  \r1     & ' (     )' (  / \n\n'/ (  ) $$ \r')( Relations between Models  # # & # #  ) /# #\n\n ) $ Left-or-Right ,)  # *+,\n *(-!$,$,*((   *( ,)  # *+,\n *(-!$,$,*((';(   *( \n\r. **( #"3JKL**(MNOK  \n\r=\n &   \n\n\r)) $$\r  \n$ ) J', (; Defining CBC Mode/ /, /, / " $\r  $   %\n \n & )    $%\n5;  " $\r  $     \n)\n\n&\n & )    $%\n5; /  / , / , / " $\r  $    %\n)&   $  \n $\r \n;  " $\r  $  )\n  $\r  ; LoR-PO-CPA ,)  #*# *+,\n /*(/ -!$,$,*((';(   *( \n\r. **( #*#JKL**(MNOK  \n\r=\n & $$ \n$ \r) \n\r  $&&;)) \n$$ \n   ) \n)   \n\r; Finding a Secure Padding Method "\n%1  /\n$&)  ) \n$;   !)  \n$  \n&) ; OZ-PAD *#0 '*0(&)   !    &)   /\n  2   ,  " 5  )  @ \n   $%\n  2 @@@@@;;PP;P@@ OZ-PAD   *0#+) \n  , \n$ $ \r;  *,$  1  4 \n  $%  , \n5  $%;  " \n & $ \n$  , ;  " $ $   &\n \n\nC  &\n\n&  , ; OZ-PAD is not LoR-PO-CPA 46  +3 ) 46 )Å)@ +*+ JQ4 *\n JQ6  2 $%)\n\n&\n + R \n  $\r   $ $$%? $%\n $  ,  12""  $ \n $\r     +  \n; One-way Security of OZ-PAD \n\n   6\r=\n $%;  $ &$  , $ \n\r $ \n &$ & , ;       \n \n$   1   \n Arbitrary Tail Padding " \n \n1  \r            ! *  ) 1  ,) \n    ,     \n  \n+++\n\n+\n++%%%%%%%%$\n @@@@@PPPPPP@@ What are the advantages?   \r &\n &\n )\n\n&\n;  &*$\r\n ;  6\r=\n $%\n \n  ; LoR-PO-CPA Security? \n )\n  \n$ \r;     \n\r$ $%!+ \n\r,\n \n  $ $%!;  $  , \n &\n\n $) & $\n ) $ ; !+ !  & )  !' !+') = = ) *+,\n #*# #!+! Defining Good/Bad Padding Schemes  ) *0#+\n &;  7& 8&\n$ )\n   &\n; CCA Security –Authenticated Encryption \n  $ )!) \n )&\n$ )\n ).;    $ $\r   \n$&  ;&; $%   .\r \r\n $ ) \n  $ $\r  $ ); Padding Oracles in Practice�"  .\n\n&\n. $\r    \n)\r\n  ). &   )\n\n&\n$\r      $$\n \n\n\n \n   Padding Oracles in Practice�"  7\n\n 4 $  �" 8\r &6\r6& ,\r ?@@A  " & $\n&\r  #\n)       $  , ;  \r#$\r & $   \n )   $  , ;  $ $\n\n \n\n\n     \n\n\n)  $ \n\n\n $\n\n ) ,  $% $ \n\r\n \n);&;\n\n  CCA Security –Authenticated Encryption \n  $ )!) \n )&\n$ )\n ).;    $ $\r   \n$&  ;&; $%   .\r \r\n $ ) \n  $ $\r  $ ); Summary 4 \n 6\r=\n&*$ $%    $    \n$ \r  4  $S$ \r. \n  4\n$\n\n   $&) \n  *0#+   \r"&  7& 8&\n$ )\n   &\n Thank YouB\n  \n-

Related Contents


Padding Oracle Attacks
Padding Oracle Attacks PDF document
426 views
Padding Oracle Attacks
Padding Oracle Attacks PDF document
419 views
Workshop 1:
Workshop 1: PDF document
406 views
Workshop 1:
Workshop 1: PDF document
393 views
Authenticated Encryption
Authenticated Encryption PDF document
432 views
How to Submit a Fake Talk to a Con
How to Submit a Fake Talk to a Con PDF document
398 views
Securing Wireless Medical Implants
Securing Wireless Medical Implants PDF document
371 views
Message Integrity
Message Integrity PDF document
447 views
Does Your Time to First Byte Bite?
Does Your Time to First Byte Bite? PDF document
370 views
Does Your Time to First Byte Bite?
Does Your Time to First Byte Bite? PDF document
386 views
Securing Wireless Medical Implants
Securing Wireless Medical Implants PDF document
344 views
CSS Layout
CSS Layout PDF document
436 views
Next Show more